Governance, Risk and Compliance Analyst

About the Opportunity

Job Summary

The Governance Risk and Compliance (GRC) Analyst supports compliance and governance initiatives for both government and higher education environments. Core responsibilities include implementing and maintaining National Institute of Standards and Technology (NIST)-compliant frameworks supporting Cybersecurity Maturity Model Certification (CMMC) requirements and ensuring adherence to security controls across diverse environments. The GRC Analyst will collaborate with teams to assess risk manage compliance documentation and ensure that security frameworks and controls are implemented effectively and efficiently.

This position requires occasional availability outside of traditional working hours to address urgent business needs including responding to security incidents supporting software deployments resolving software issues or system breaks and addressing other critical operational requirements. The GRC Analyst mitigates disruption to business operations by promptly addressing issues as they arise.

This is a hybrid role requiring a minimum of three days per week in the Boston office to facilitate collaboration direct engagement with staff and students and contribute to a dynamic on-campus work environment.

Applicants must be authorized to work in the United States. The University is unable to sponsor this role now or in the future.

Minimum Qualifications

• Proficiency with Cybersecurity Maturity Model Certification (CMMC) and NIST frameworks and controls

• Knowledge of compliance standards in government and higher education environments

• Effective written and verbal communication skills with the ability to convey complex compliance requirements to stakeholders at various organizational levels

• Adaptable with high initiative and a strong sense of urgency

• Ability to analyze complex data identify patterns and translate findings into actionable insights as well as evaluate risks and develop appropriate responses

• Bachelors degree and at least 24 years of relevant experience required

Key Responsibilities & Accountabilities

• Support CMMC compliance efforts within a government environment (25%)

• Assist in implementing NIST-based security frameworks and controls in a higher education setting (25%)

• Conduct risk assessments and audits to ensure compliance with security standards (25%)

• Develop and maintain compliance documentation and reporting (25%)

Position Type

Additional Information

Northeastern University considers factors such as candidate work experience education and skills when extending an offer.

All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race religion color national origin age sex sexual orientation disability status or any other characteristic protected by applicable law.

Compensation Grade/Pay Type:

Expected Hiring Range:

With the pay range(s) shown above the starting salary will depend on several factors which may include your education experience location knowledge and expertise and skills as well as a pay comparison to similarly-situated employees already in the role. Salary ranges are reviewed regularly and are subject to change.